Network Access Control

Hey, I'm just wondering if someone could help - I was trying to create a repositary for my ISE backup which is on an SFTP server but ISE sent a pop up to my screen stating: 'Host key of sftp server must be added through CLI using 'crypto host_key a...

Hi Guys, Good Day! May I ask if it is possible in ISE 1.4 for me to configure authorization profile to check if User1 tries to connect to a specific tunnel-group which is configured in the ASA? Thank you and have a nice day! Cheers

Hi experts!Regarding ISE: 1. Are there indications or suggestions on the maximum number of sub-levels for MAB group structure? 2. We would like to ask if the creation and manual static assignment of an endpoing object (MAB) to a static policy assignm...

Hi All, Given that Microsoft Active Directory has two limitations as follows: Cannot reject specific word to be used in Password Reset (e.g. company name)Cannot enforce Special Characters as Mandatory Complexity requirements (i.e. AD can accept the p...

Hello, "ISE1.3 - Number of device per guest user account"Is there a way to limt the allowed number of sessions per guest account ? I only allowed to connect one device per guets account but as we all know that ISE guest Usernames are not case sensiti...

Hi Folks, We are facing a problem that Cisco ACS 5.7.0.15.1 is unable to get synchronize with the NTP Server (AD as a NTP Source). See output below. Any help will be appreciated. TestACS1/admin# show logging | include ntp Nov 16 10:42:32 TestACS1 mon...

Hi all, in the old versions of Cisco ACS ( 4.x ) there is the option to configure a workstation name (by default set to "CISCO")  that it will be used as "presentation name" to AD.    you can find this conf under : external user database-->database c...

I work for a service provider company and helped out one of my colleagues today who had trouble with getting a newly installed C896VA-K9 router (running IOS 15.4) to authenticate with our public CA server via the internet. That is when I witnessed so...

Customer have ISE version 1.2 and have BASE and advanced licence but he need to upgrade to version 3.0 so the customer can install the advanced licence after the upgrade to  version (3.0).

I HAVE CONFIGURES THE ISE AUTHORIZATION FOR GUEST "CWA". WHEN THE GUEST TRY TO ACESS THE NETWORK ISE SENDS THE URL TO MY SWITCH 2960-S.  I CAN SEE THE LINK  BY ISSUING THE COMMAND SHOW AUTHENTICATION SEESION INTERFACE GI 1/0/14 BUT THE CLIENT BROW...

It's no secret that there are literally thousands of machines running "new ip" scripts, and sweep scripts just looking for new devices to attack on the web. Once a new device (new IP) comes online these scripts typically run several sweep/tests like ...

Users connect to wifi and and auth'd against LDAP and assigned a VLAN based on LDAP info UNLESS they are on a mobile device. In that case they're assigned to a "mobile" VLAN for all the personal phones, tablets, etc. This is working great except that...